package com.smart.filter;

import java.io.IOException;

import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.http.HttpStatus;
import org.springframework.web.filter.OncePerRequestFilter;

/**
 * 
 * 版权所有：xxxxxxx
 * @Description: 登录验证过滤器 
 * @Title: LoginFilter.java 
 * @ClassName: LoginFilter 
 * @author tangyan 
 * @date 2019年2月12日 下午2:58:43 
 * @version V1.0
 */
public class LoginFilter extends OncePerRequestFilter{

	/**
     * 当前登录用户信息
     */
    final public String SESSION_KEY_OBJ_USER_BEAN="userBean";
	
    @Override
    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain)
        throws ServletException, IOException {
        // 不过滤的uri
        String[] notFilter =  new String[] {"/images", "/js", "/css"};
        
        // 请求的uri
        String uri = request.getRequestURI();
        // 是否过滤
        boolean doFilter = true;
        for (String s : notFilter) {
            if (uri.indexOf(s) != -1) {
                // 如果uri中包含不过滤的uri，则不进行过滤
                doFilter = false;
                break;
            }
        }
        
        if (doFilter)  {
            // 执行过滤
            // 从session中获取登录者实体
            Object obj = request.getSession().getAttribute(SESSION_KEY_OBJ_USER_BEAN);
            if (null == obj) {
                boolean isAjaxRequest = isAjaxRequest(request);
                if (isAjaxRequest) {
                    response.setCharacterEncoding("UTF-8");
                    response.sendError(HttpStatus.UNAUTHORIZED.value(), "您的登录状态已失效，请重新登录。");
                    return ;
                }
                response.sendRedirect("/smart_doorlock");
                return;
            } else {
                // 如果session中存在登录者实体，则继续
                filterChain.doFilter(request, response);
            }
        // 如果不执行过滤，则继续
        filterChain.doFilter(request, response);
        }
    }
    
    /** 判断是否为Ajax请求 
     * <功能详细描述>
     * @param request
     * @return 是true, 否false 
     * @see [类、类#方法、类#成员]
     */
    public static boolean isAjaxRequest(HttpServletRequest request) {
        String header = request.getHeader("X-Requested-With"); 
        if (header != null && "XMLHttpRequest".equals(header)) 
            return true; 
        else 
            return false;  
    }

}
